chainguard-dev / apko

We calculate the layer digest in GenerateImageSBOM by reading it from disk and hashing it.

We don't need to do that, because we have to calculate the digest already before this. We should pass that value down into this function (or just get it from the passed in img).

apko/pkg/build/build_implementation.go

Lines 127 to 129 in 1e5f9db

    
           if err := s.ReadLayerTarball(o.TarballPath); err != nil { 
        
           	return nil, fmt.Errorf("reading layer tar: %w", err) 
        
           }

This will save ~1ms per MB.

	if err := s.ReadLayerTarball(o.TarballPath); err != nil {
	return nil, fmt.Errorf("reading layer tar: %w", err)
	}

Don't hash the layer twice